Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/x9d2L3rz5cxxLPXG3YsdzDDEWmk.roa
File: x9d2L3rz5cxxLPXG3YsdzDDEWmk.roa (raw, json)
Hash identifier: ++nxk6XbW6j2LNqjpSMgffHooxgAk0WnWxB4Y3wA83o=
Subject key identifier: C7:D7:76:2F:7A:F3:E5:CC:71:2C:F5:C6:DD:8B:1D:CC:30:C4:5A:69
Certificate issuer: /CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Certificate serial: 018A2E738D582DA4B665E1D1234479D4539D
Authority key identifier: BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/x9d2L3rz5cxxLPXG3YsdzDDEWmk.roa
Signing time: Fri 25 Aug 2023 20:47:19 +0000
ROA not before: Fri 25 Aug 2023 20:47:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57797
IP address blocks: 193.22.129.0/24 maxlen: 24
2a12:8ac1::/32 maxlen: 48
2a12:8ac0::/29 maxlen: 48
2a12:8ac0::/40 maxlen: 48
Validation: Failed, certificate revoked on Sat 26 Aug 2023 12:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2e:73:8d:58:2d:a4:b6:65:e1:d1:23:44:79:d4:53:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Validity
Not Before: Aug 25 20:47:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7d7762f7af3e5cc712cf5c6dd8b1dcc30c45a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:d9:da:eb:28:17:e8:bf:87:b2:33:b5:04:71:
eb:aa:50:98:6e:7a:29:df:94:65:bc:08:8a:6d:cb:
21:ed:18:1a:d7:34:41:78:db:24:2d:42:db:40:66:
2a:4b:03:1e:dd:60:89:1d:21:04:6f:57:2d:8f:5d:
dd:cb:68:f5:e3:5e:7d:f0:1c:73:1b:56:2d:63:d0:
fb:d0:74:4e:2e:1b:57:d8:2e:dd:59:06:00:61:ad:
19:11:b8:a9:fe:0c:7a:14:de:2b:31:79:fc:ad:5e:
ee:7f:d5:d2:e1:09:96:e3:6f:d3:6c:b3:9f:95:c0:
32:ec:7f:14:c3:9c:54:2c:36:52:3f:c5:e6:72:70:
1a:9c:fc:46:a4:68:98:eb:cf:7f:93:b1:fe:a2:01:
ca:59:26:d9:4a:72:98:15:fd:dd:26:76:b6:e8:d5:
a9:30:96:23:c7:5f:c5:0b:a9:e4:bb:4d:d8:32:09:
b5:17:68:8c:99:dc:bd:db:80:00:03:c6:4d:e6:90:
cd:23:03:a9:21:09:82:df:9e:46:28:f2:36:cf:99:
44:93:9c:3c:19:4f:27:2a:fe:81:d2:1f:98:06:fe:
b0:74:b8:8d:af:2a:56:28:73:1a:8a:f4:64:ec:ed:
5c:ee:d8:83:64:c9:2d:4d:3f:ef:24:d4:2f:c8:da:
31:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D7:76:2F:7A:F3:E5:CC:71:2C:F5:C6:DD:8B:1D:CC:30:C4:5A:69
X509v3 Authority Key Identifier:
keyid:BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/x9d2L3rz5cxxLPXG3YsdzDDEWmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.129.0/24
IPv6:
2a12:8ac0::/29
Signature Algorithm: sha256WithRSAEncryption
84:16:38:92:82:2f:cc:01:05:9a:ab:ea:b7:f1:b2:73:35:37:
83:1b:e9:33:7d:8e:7c:63:61:0f:9c:ce:da:a5:95:10:4c:dc:
ef:bc:14:b3:a5:2d:ba:e3:2f:1f:24:1a:b0:36:24:e5:2e:d7:
ba:be:ed:4b:df:96:f5:69:15:51:68:5c:7a:91:94:79:3f:0b:
84:c3:91:6e:b1:e1:7f:c3:18:ed:17:75:05:3d:b0:0f:4d:8c:
03:cf:b2:21:12:91:30:a5:bb:98:ff:d7:a9:b2:49:44:27:7e:
b2:72:20:78:c1:b8:d7:1d:f9:e0:21:bb:03:15:0e:19:48:d7:
0d:c3:d0:ea:34:56:d3:2a:9f:2a:4f:4e:91:90:ac:05:8b:54:
a9:77:42:ad:ab:40:33:1d:f4:fd:a8:09:74:17:d6:69:39:56:
cd:4f:c6:7b:69:30:5a:96:2c:12:9a:f8:cc:41:b3:7e:2b:a3:
19:ce:24:ff:fa:a8:c2:52:96:06:48:e9:4c:4d:f4:b2:04:0a:
b5:a1:d2:84:48:a0:64:09:80:0d:93:06:b9:a5:90:fb:d6:50:
66:4f:a6:bb:e6:6d:de:74:98:48:95:23:44:91:38:92:d6:98:
de:0d:5f:61:c5:fa:2e:c2:1a:96:de:9b:85:4c:2c:3e:9b:1d:
e9:54:1b:27
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYouc41YLaS2ZeHRI0R51FOdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjdiZmY3YmFkMWViODM4NGI1ODVkZjdiZWYxMjA2Zjdm
MTlmN2UwHhcNMjMwODI1MjA0NzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Q3NzYyZjdhZjNlNWNjNzEyY2Y1YzZkZDhiMWRjYzMwYzQ1YTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59na6ygX6L+HsjO1BHHrqlCYbnop
35RlvAiKbcsh7Rga1zRBeNskLULbQGYqSwMe3WCJHSEEb1ctj13dy2j141598Bxz
G1YtY9D70HROLhtX2C7dWQYAYa0ZEbip/gx6FN4rMXn8rV7uf9XS4QmW42/TbLOf
lcAy7H8Uw5xULDZSP8XmcnAanPxGpGiY689/k7H+ogHKWSbZSnKYFf3dJna26NWp
MJYjx1/FC6nku03YMgm1F2iMmdy924AAA8ZN5pDNIwOpIQmC355GKPI2z5lEk5w8
GU8nKv6B0h+YBv6wdLiNrypWKHMaivRk7O1c7tiDZMktTT/vJNQvyNoxJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMfXdi968+XMcSz1xt2LHcwwxFppMB8GA1UdIwQY
MBaAFLpnv/e60euDhLWF33vvEgb38Z9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYt
ZGE0NTM4MDIyYWM3LzEveDlkMkwzcno1Y3h4TFBYRzNZc2R6RERFV21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYtZGE0NTM4MDIyYWM3
LzEvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwRaBMA0E
AgACMAcDBQMqEorAMA0GCSqGSIb3DQEBCwUAA4IBAQCEFjiSgi/MAQWaq+q38bJz
NTeDG+kzfY58Y2EPnM7apZUQTNzvvBSzpS264y8fJBqwNiTlLte6vu1L35b1aRVR
aFx6kZR5PwuEw5FuseF/wxjtF3UFPbAPTYwDz7IhEpEwpbuY/9epsklEJ36yciB4
wbjXHfngIbsDFQ4ZSNcNw9DqNFbTKp8qT06RkKwFi1Spd0Ktq0AzHfT9qAl0F9Zp
OVbNT8Z7aTBaliwSmvjMQbN+K6MZziT/+qjCUpYGSOlMTfSyBAq1odKESKBkCYAN
kwa5pZD71lBmT6a75m3edJhIlSNEkTiS1pjeDV9hxfouwhqW3puFTCw+mx3pVBsn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:01 2024 by rpki-client on console-fra.rpki-client.org